Lucene search

[email protected]CVE-2006-0970

HistoryMar 03, 2006 - 11:02 a.m.

CVE-2006-0970

2006-03-0311:02:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-0970

php

remote file inclusion

index.php

activecampaign

supporttrio

nvd

8.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.012 Low

EPSS

Percentile

84.9%

JSON

PHP remote file inclusion vulnerability in index.php in one or more ActiveCampaign products, possibly SupportTrio, allows remote attackers to include and execute arbitrary files via the page parameter.

CPENameOperatorVersion
activecampaign:generalactivecampaign generaleq*
activecampaign:knowledgebuilderactivecampaign knowledgebuildereq*
activecampaign:visualeditactivecampaign visualediteq*
activecampaign:isalientactivecampaign isalienteq*
activecampaign:1-2-allactivecampaign 1-2-alleq*
activecampaign:supporttrioactivecampaign supporttrioeq*

CPE	Name	Operator	Version
activecampaign:general	activecampaign general	eq	*
activecampaign:knowledgebuilder	activecampaign knowledgebuilder	eq	*
activecampaign:visualedit	activecampaign visualedit	eq	*
activecampaign:isalient	activecampaign isalient	eq	*
activecampaign:1-2-all	activecampaign 1-2-all	eq	*
activecampaign:supporttrio	activecampaign supporttrio	eq	*

References

securityreason.com/securityalert/505

www.osvdb.org/3228

www.securityfocus.com/archive/1/426214/100/0/threaded

exchange.xforce.ibmcloud.com/vulnerabilities/24989

8.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.012 Low

EPSS

Percentile

84.9%

JSON

Related for CVE-2006-0970

prion1 cvelist1